Leaked passwords, hacked websites, and stolen data. It seems there's no end to cyber dangers today. And, while you may not want to believe it, small businesses make especially tempting targets. Fortunately, you can access protection strategies that aren't just for big companies anymore.

Endpoint security solutions let small and midsize operators protect themselves without requiring a lot of IT expertise or expensive network equipment. In this article, we've outlined a couple of platforms that focus on endpoint security in different ways.

What is Endpoint Security?

Endpoint security revolves around the notion that the majority of cyber threats enter the network through an endpoint—a desktop computer, for example, or a mobile phone. "There are more variants of malware every day than one could reasonably keep up with," explains Simon Crosby, co-founder and CTO of Bromium.

Considering the many thousands of malware iterations that are constantly cropping up, Crosby says, "There's no antivirus engine on the planet that can keep up with that." That's where endpoint security comes in. Rather than trying to detect and eradicate threats once they're inside the network, security vendors now give the endpoints their own defensive mechanisms.

Evolving Cyber Threats Affect SMBs More Than You Think

Small and midsized business operators often make the (incorrect) assumption that they aren't in hackers' crosshairs, but today's threat vectors don't discriminate that much. The security risks for SMBsare just as high as for any other business.

"Where larger companies risk brand reputation if they're breached or if their website gets defaced, smaller companies face business operational risk if their systems go down," explains Chris Carlson, director of product marketing at Invincea. If you can’t take orders because the computer system's been hacked, or because the website's out of operation, then the money doesn't flow in. It's a scenario that can wreak devastating financial damage on an small business in a very short period of time.

In addition, the very nature of today's connected environment means that many small businesses gather and process the very same valuable data—credit card numbers, insurance information, personal details—large companies collect. From independent insurance agents to dental practices to small legal firms, small businesses increasingly retain the kind of information that thieves love.

FreeSpace by Invincea

FreeSpace, an endpoint security product developed by Invincea, works on four interlocking principles: containment, detection, prevention and intelligence. It accomplishes all of these by using secure virtual containers to process the execution of software (Web browsers, PDFs, spreadsheets, etc.).

Carlson outlines the product's actions. "[It] contains the activity separate from the host operating system, and [it] detects when something operates outside of normal behavior of the software. Prevention actually kills that process and stops it all together. Then, when you restore your container, it flushes out any malware artifacts that may be on the system [and keeps] your system in a pristine state," he explains. FreeSpaces uses virtual containers to keep potential malware in a safe environment, separate from other computers and network assets.

One benefit of an endpoint security solution: it's active on the device even when the device isn't plugged into the business's network. For small business employees who travel or frequently work from home, this is a big deal. "It virtualizes on the system itself," Carlson explains.

The FreeSpace software is lightweight, consuming less than one percent of the CPU. "We've optimized it to run on the widest variety of platforms," Carlson says. That includes 32-bit operating systems, the still-popular Windows XP, existing virtual desktops, and even Windows 8.1, which is running on a number of tablets. Dell includes a customized version of FreeSpace on select devices. You can manage FreeSpace on an individual basis, so people using it on different types of devices can fine tune it to their specific needs.

VSentry by Bromium

Bromium's endpoint security product, vSentry, is also designed to isolate malware before it can dig its way into the system. Tabs in your browser, email attachments—each one represents a potential threat, and eache one is an executable instance. Rather than processing those willy-nilly, vSentry isolates each one independently while it's still on the endpoint device.

VSentry safely deals with any potential malware by opening each executable instance in a hardware-isolated runtime environment called a "micro-VM" or micro virtual machine. Crosby says this process is imperceptible to the user. "We can deliver a rich, powerful, normal user experience," he explains. You might not see any change, but behind the scenes the execution occurs in isolation, away from the operating system.

By using an endpoint security platform, you no longer need antivirus suites or employees to be the first line of defense against attackers. "As soon as you close the document or close the browser tab, vSentry automatically erases everything the bad guy did from the endpoint," says Crosby. "You end up with a design that is completely self-remediating."

Installing vSentry is simple. "You just drop it on the endpoint as a Windows installer file, using the existing tool you use to deploy any application to an endpoint. That's all there is to it," Crosby says. "The user sees no change to their work environment, but the enterprise is protected in the sense that all un-trusted executions and thereafter are automatically isolated."

Julie Knudson is a freelance writer whose articles have appeared in technology magazines including BizTech, Processor, and For The Record. She has covered technology issues for publications in other industries, from foodservice to insurance, and she also writes a recurring column in Integrated Systems Contractor magazine.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Please enable Javascript in your browser, before you post the comment! Now Javascript is disabled.

Comment and Contribute

Your name/nickname

Your email

Website

Subject

Get free tips, news and advice on how to make technology work harder for your business.